SOA-C02 Leak Questions

To reconfigure the infrastructure to support a microservices approach with the least administrative overhead, using an Application Load Balancer (ALB) with path-based routing is the most suitable solution.

Application Load Balancer (ALB):

ALBs are designed to distribute incoming application traffic across multiple targets, such as EC2 instances, in one or more Availability Zones.

ALBs support path-based routing, which allows you to route requests to different microservices based on the URL path.

Path-Based Routing:

With path-based routing, you can configure your ALB to route requests to specific target groups based on the URL path.

For example, requests to example.com/service1/* can be routed to one microservice, while requests to example.com/service2/* can be routed to another.

Implementation Steps:

Go to the EC2 console and navigate to "Load Balancers."

Create an ALB and configure the listener.

Define rules for path-based routing and create target groups for each microservice.

Register the appropriate EC2 instances with each target group.

References:

Application Load Balancers

ALB Path-Based Routing

"Network Load Balancer is optimized to handle sudden and volatile traffic patterns while using a single static IP address per Availability Zone." https://aws.amazon.com/elasticloadbalancing/network-load-balancer/

For an application that must scale to millions of requests per second and requires a single static IP address for each Availability Zone, a Network Load Balancer (NLB) is the most suitable option. NLBs are designed for high-performance, low-latency networking, and they support static IP addresses for each Availability Zone, making it ideal for volatile traffic patterns. Option D is the correct choice. AWS provides extensive documentation on NLB capabilities and configurations that suit these requirements AWS Network Load Balancer.

To resolve the issue of an AWS Lambda function unable to connect to a database that has been moved to a private subnet, the Lambda function needs to be connected to the same VPC as the database. This is done by configuring the Lambda function with VPC access. This involves specifying the VPC, subnets, and security groups for the Lambda function so that it can communicate with the database using its private endpoint. Option B is correct as it directly addresses the issue without compromising security. AWS documentation on configuring VPC access for Lambda provides guidance on this setup Configuring VPC Access for Lambda.

To implement a highly available solution that provides the functionality to use a minimum of three On-Demand instances and three Spot instances when prices are at a certain threshold, defining an Amazon EC2 Auto Scaling group using a launch template is the most suitable solution. This approach minimizes operational overhead by consolidating configuration and management tasks.

Define a Launch Template:

Use the provided AMI in the launch template.

Configure the instance type, key pair, security groups, and other necessary parameters.

Create an Auto Scaling Group:

Use the launch template for the Auto Scaling group.

Specify a desired capacity of three On-Demand instances.

Configure the Auto Scaling group to use mixed instances policies, which allow you to specify a combination of On-Demand and Spot instances.

Set the maximum price for Spot instances in the launch template to ensure that Spot instances are used only when their prices are below the specified threshold.

Configuration Steps:

Open the EC2 console and navigate to "Launch Templates."

Create a new launch template with the necessary configurations.

Navigate to "Auto Scaling Groups" and create a new Auto Scaling group using the launch template.

Configure the desired capacity, minimum capacity, and maximum capacity.

Under "Advanced Options," specify the mixed instances policy and set the maximum price for Spot instances.

References:

Amazon EC2 Auto Scaling Launch Templates

Auto Scaling Mixed Instances Policies